What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-10-04 14:53:19 | Microsoft Discovers Iranian Hacking Campaign Targeting U.S. Politics (lien direct) | Microsoft says that a state-sponsored Iranian cyber-espionage group tracked as Phosphorus by the Microsoft Threat Intelligence Center (MSTIC) attempted to get account info on over 2,700 of its customers, attack 241 of them, and compromised four accounts between August and September. [...] | Threat Conference | APT 35 | |
 |
2019-03-28 06:57:04 | Microsoft Takes Control of 99 Domains Used by Iranian Cyberspies (lien direct) | Microsoft on Wednesday announced that it had taken control of 99 domains used by an Iran-linked cyberespionage group it tracks as Phosphorus. | Conference | APT 35 | |
 |
2019-03-27 18:04:01 | Microsoft takes control of 99 domains operated by Iranian state hackers (lien direct) | Microsoft takes control of 99 domains operated by APT35/Phosphorus cyber-espionage group. | Conference | APT 35 | |
|
2019-03-27 15:39:03 | Microsoft Retaliates Against APT35 Hacker Group by Seizing 99 Domains (lien direct) | Court documents unsealed today show how Microsoft's Digital Crimes Unit was able to block some of the cyber attacks conducted by an Iranian-backed advanced persistence threat (APT) group by taking over domains used as part of their core operations. [...] | Threat | APT 35 | |
 |
2019-01-21 16:15:03 | Has two-factor authentication been defeated? A spotlight on 2FA\'s latest challenge (lien direct) | Read more...) | Conference | APT 35 | |
 |
2018-12-17 16:42:04 | Charming Kitten Iranian Espionage Campaign Thwarts 2FA (lien direct) | The campaign targets politicians involved in economic and military sanctions against Iran, along with various journalists and human rights activists. | APT 35 | ||
 |
2018-12-15 12:07:04 | Charming Kitten, pirates Iraniens, infiltrent les Gmail et Yahoo de responsables US (lien direct) | Charming Kitten, des pirates informatiques iraniens tentent d’infiltrer les comptes mails de responsables américains en passant outre la double authentification proposée par les deux webmails. La société britannique Certfa annonce que des pirates informatiques iraniens auraient réussi à infilt... Cet article Charming Kitten, pirates Iraniens, infiltrent les Gmail et Yahoo de responsables US est apparu en premier sur ZATAZ. | Conference | Yahoo APT 35 | |
 |
2018-07-03 12:26:00 | Iranian Charming Kitten ATP group poses as Israeli cybersecurity firm in phishing campaign (lien direct) | Iranian APT groups continue to very active, recently Charming Kitten cyber spies attempted to pose as an Israeli cyber-security firm that uncovered previous hacking campaigns. The Iranian Charming Kitten ATP group, aka Newscaster or Newsbeef, launched spear phishing attacks against people interested in reading reports about it. The Newscaster group made the headlines in 2014 when experts at iSight issued a report describing the […] | Conference | APT 35 | |
|
2018-04-04 14:00:03 | Breaches Increasingly Discovered Internally: Mandiant (lien direct) | >Organizations are getting increasingly better at discovering data breaches on their own, with more than 60% of intrusions in 2017 detected internally, according to FireEye-owned Mandiant.
The company's M-Trends report for 2018 shows that the global median time for internal detection dropped to 57.5 days in 2017, compared to 80 days in the previous year. Of the total number of breaches investigated by Mandiant last year, 62% were discovered internally, up from 53% in 2016.
On the other hand, it still took roughly the same amount of time for organizations to learn that their systems had been compromised. The global median dwell time in 2017 – the median time from the first evidence of a hack to detection – was 101 days, compared to 99 days in 2016.
Companies in the Americas had the shortest median dwell time (75.5 days), while organizations in the APAC region had the longest dwell time (nearly 500 days).
Data collected by Mandiant in 2013 showed that more than one-third of organizations had been attacked again after the initial incident had been remediated. More recent data, specifically from the past 19 months, showed that 56% of Mandiant customers were targeted again by either the same group or one with similar motivation.
In cases where investigators discovered at least one type of significant activity (e.g. compromised accounts, data theft, lateral movement), the targeted organization was successfully attacked again within one year. Organizations that experienced more than one type of significant activity were attacked by more than one threat actor.
Again, the highest percentage of companies attacked multiple times and by multiple threat groups was in the APAC region – more than double compared to the Americas and the EMEA region.
When it comes to the most targeted industries, companies in the financial and high-tech sectors recorded the highest number of significant attacks, while the high-tech, telecommunications and education sectors were hit by the highest number of different hacker groups.
Last year, FireEye assigned names to four state-sponsored threat groups, including the Vietnam-linked APT32 (OceanLotus), and the Iran-linked APT33, APT34 (OilRig), and APT35 (NewsBeef, Newscaster and Charming Kitten).
|
Conference | APT33 APT 35 APT 33 APT 32 APT 34 | |
 |
2017-12-07 17:30:56 | Iranian Hacker Charged For HBO Breach Part Of Charming Kitten Group (lien direct) | The ISBuzz Post: This Post Iranian Hacker Charged For HBO Breach Part Of Charming Kitten Group | Conference | APT 35 | |
|
2017-12-07 09:13:17 | HBO hacker linked to the Iranian Charming Kitten APT group (lien direct) | >A new report published by ClearSky linked a man accused by U.S. authorities of hacking into the systems of HBO to the Iranian cyber espionage group Charming Kitten. Experts from the security firm ClearSky have published a new detailed report on the activities of Charming Kitten APT group, also known as Newscaster and NewsBeef. The Newscaster group made the headlines […] | Conference | APT 35 | |
|
2017-12-06 13:49:19 | HBO Hacker Linked to Iranian Spy Group (lien direct) | A man accused by U.S. authorities of hacking into the systems of HBO and attempting to extort millions of dollars from the company has been linked by security researchers to an Iranian cyber espionage group tracked as Charming Kitten. | Conference | APT 35 | |
|
2017-12-06 04:45:40 | HBO Hacker Was Part of Iran\'s "Charming Kitten" Elite Cyber-Espionage Unit (lien direct) | Behzad Mesri, the Iranian national the US has accused of hacking HBO this year, is part of an elite Iranian cyber-espionage unit known in infosec circles as Charming Kitten, according to a report released yesterday by Israeli firm ClearSky Cybersecurity. [...] | Conference | APT 35 | |
 |
2017-03-31 03:00:53 | Disttrack Malware Distribution Suggests Link between Shamoon 2 and Magic Hound (lien direct) | In November 2016, the security community first learned of a series of attacks known as “Shamoon 2.” The campaign has launched three waves as of this writing. In the first wave, bad actors infected an organization in Saudi Arabia with Disttrack. This trojan used a wiper component to overwrite protected parts of a system, including […]… Read More | APT 35 | ||
|
2017-03-27 20:51:22 | New Clues Surface on Shamoon 2\'s Destructive Behavior (lien direct) | Researchers report new connections between Magic Hound and Shamoon 2, along with descriptions of how the Disttrack malware component of campaigns moves laterally within infected networks. | Conference | APT 35 | |
|
2017-03-06 19:27:49 | Destructive StoneDrill Wiper Malware On The Loose (lien direct) | Kaspersky Lab released details about new wiper malware called StoneDrill that bears similarities to Shamoon2 and an APT outfit known as NewsBeef. | Conference | APT 35 | |
|
2017-02-16 12:27:22 | Iranian Spies Target Saudi Arabia in "Magic Hound" Attacks (lien direct) | 
A cyber espionage operation linked to Iran and the recent Shamoon 2 attacks has targeted several organizations in the Middle East, particularly in Saudi Arabia.
|
APT 35 | ||
 |
2017-02-16 05:16:26 | Magic Hound Campaign Attacks Saudi Targets (lien direct) | Unit 42 discovers a persistent attack campaign operating primarily in the Middle East dating back to at least mid-2016 which they have named Magic Hound. | Conference | APT 35 |
To see everything:
Our RSS (filtrered)
